Restrict ability to create pipelines

silvamerica · March 27, 2019, 4:57pm

Our team would like the ability to restrict creation and editing of pipelines. If someone’s Buildkite account gets compromised, an attacker would have the ability to create new pipelines or edit existing pipelines to run unapproved code within the context of our codebase.

How do others deal with this issue?

lox · March 28, 2019, 1:12am

We’re adding this soon for Enterprise accounts!

Out of interest, how are you protecting against compromised accounts for your source control?

silvamerica · March 28, 2019, 5:21pm

Our source control service allows us to require 2FA for users in our organization, so we have at least a little bit more protection there.

Topic		Replies	Views
View-only User Role Features Requests	6	1229	December 16, 2021
Prevent manual builds Pipelines	2	257	December 21, 2023
Run pipelines based on protected ref Features Requests	1	266	April 29, 2022
Limit PR build triggers by allow list, in addition to branch name Features Requests	4	1002	October 16, 2020
Public Build Security on PRs General	11	2029	July 18, 2021

Restrict ability to create pipelines

Related topics